[ASK] Squid proxy tidak bisa browsing

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

[ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 06 Nov 2012, 08:12

Selamat pagi mastah mastah, sebelumnya saya memperkenalkan diri dulu karna baru di forum ini hehe.

==================================

Nama : Hendra Wahyu Saputro
Alamat : Bogor
Pekerjaan : Mahasiswa

==================================

Saya mau bertanya, kepada mastah mastah disini. saya sudah install squid proxy dengan mengikuti tutorial tutorial di berbagai forum dan website, dengan topologi seperti ini.

==========Squid Proxy
==============||
Modem======Mikrotik======Client

Modem saya jadikan bridge sehingga yg mendial adalah mikrotik.
============================
1. IP modem : 192.168.0.1
2. Mikrotik :
- Public = 192.168.0.2
- Local = 10.10.10.1
- Proxy = 192.168.11.1
3. Ip Proxy = 192.168.11.11
============================

Yang saya bingungkan kenapa saya tidak bisa browsing, yg bisa browsing hanya facebook, youtube, google. untuk website lain tidak bisa, bahkan youtube pun tidak bisa buffer. untuk game online pun tidak bisa. setiap saya browsing selain website di atas pasti ter block.

sudah 3 kali dan lembur 2 hari saya install ulang setting kembali install ulang setting kembali tapi tetep sama kendalanya. :cry:

mohon bantuannya, karena saya newbie sekali tentang squid dan baru belajar. :grin:

Berikut squid.conf yang saya gunakan dan dapat kan dari tutorial di web lain dan sudah saya edit untuk menyesuaikan jaringan dan proxy saya.

# Port
http_port 3128 transparent
icp_port 3130
prefer_direct off

server_http11 on

# Cache

cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 128 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 128 KB

ipcache_size 10240
ipcache_low 98
ipcache_high 99
fqdncache_size 4096

cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

cache_dir aufs /cache1 20000 16 256 # untuk partisi /cache1 20GB

cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel

acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports

# pictures & images
refresh_pattern -i \.(gif|png|jpeg|jpg|bmp|tif|tiff|ico)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private
refresh_pattern -i \.(xml|html|htm|js|txt|css|php)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth

#sound & video
refresh_pattern -i \.(flv|x-flv|mov|avi|qt|mpg|mpeg|swf)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache
refresh_pattern -i \.(wav|mp3|mp4|au|mid)$ 10080 50% 43200 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth ignore-private

# files
refresh_pattern -i \.(iso|deb|rpm|zip|tar|tgz|ram|rar|bin|ppt|doc)$ 10080 90% 43200 ignore-no-cache ignore-auth
refresh_pattern -i \.(zip|gz|arj|lha|lzh)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(rar|tgz|tar|exe|bin)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(hqx|pdf|rtf|doc|swf)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth
refresh_pattern -i \.(inc|cab|ad|txt|dll)$ 10080 100% 43200 override-expire ignore-no-cache ignore-auth

# -- refresh pattern for specific sites -- #
refresh_pattern ^http://*.jobstreet.com.*/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache
refresh_pattern ^http://*.indowebster.com.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.21cineplex.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-auth
refresh_pattern ^http://*.atmajaya.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.kompas.*/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.theinquirer.*/.* 720 100% 10080 override-expire ignore-no-cache ignore-auth
refresh_pattern ^http://*.blogspot.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.wordpress.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache
refresh_pattern ^http://*.photobucket.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.tinypic.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.imageshack.us/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.kaskus.*/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://www.kaskus.com/.* 720 100% 28800 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detik.*/.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.detiknews.*/*.* 720 50% 2880 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://video.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.liputan6.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.friendster.com/.* 720 100% 10080 override-expire override-lastmod ignore-no-cache ignore-auth
refresh_pattern ^http://*.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://apps.facebook.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://profile.ak.fbcdn.net/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://static.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://cooking.game.playspoon.com/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern -i http://[^a-z\.]*onemanga\.com/? 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://media?.onemanga.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.yahoo.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.google.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.forummikrotik.com/.* 720 80% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth
refresh_pattern ^http://*.linux.or.id/.* 720 100% 10080 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-auth

#default option
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

# ALLOWED ACCESS
acl localnet src 10.10.10.0/24 #IP lokal kamu
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow localnet
icp_access allow localhost
icp_access deny all
always_direct deny all


cache_mgr admin@telkom.net.id
visible_hostname inilah-proxy-ku
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14

#-----------------------------------------------------------------#
#tcp_outgoing_tos 0x30 localnet
#-----------------------------------------------------------------#

zph_mode tos
zph_local 0x30
zph_parent 0
zph_option 136
User avatar
sayed
Posts: 137
Joined: 21 Jul 2011, 16:19
Location: Lhokseumawe, Aceh
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby sayed » 06 Nov 2012, 17:22

mungkin maximum_object_size berpengaruh tuh
coba disable bagian maximum_objectnya
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 06 Nov 2012, 20:49

Oke saya coba malam ini, terima kasih sarannya. nanti hasilnya saya beri tahu lagi ^_^
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby q_p » 06 Nov 2012, 21:09

@HendraWahyu:
Halo Mas HendraWahyu, saya coba bantu ya dengan mengurainya satu per satu.
1. Bypass squid dulu, lakukan test client bisa browsing tidak? Jika bisa permasalahan kemungkinan ada di squid.conf atau firewall/routing mikrotik.
2. Jika permasalahan ada di suid, lakukan konfigurasi dasar dulu. pelan2 di sesuaiakan dengan dengan kondisi jaringan untuk mencapai performa yang optimum.
3. Untuk masalah firewall/routing di mikrotik, mohon maaf saya tidak bisa bantu.
BTW, kenapa tidak dijadikan satu saja di Ubuntu server (sehingga full-openSource)?, bisa kok diisi:
- DHCPServer - DNSServer -ProxyServer -NTPserver -LAMPserver -webHTB -Samba_CUPS -firewall.
Semoga membantu.
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 06 Nov 2012, 21:34

tadinya kalo saya tau ubuntu server bisa untuk semuanya dan bandwith juga saya ga beli mikrotik. udah terlanjur beli mikrotik 2 hari yang lalu T_T . ini saya mulai penginstallan ulang lagi, apa saja paket yg harus saya install? openSSH saja kah? ubuntu server ini di gunakan untuk proxy external saja
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby q_p » 06 Nov 2012, 22:16

@HendraWahyu;
Simpan saja mikrotik-nya, coba dulu link ini..
Semoga meng-inspirasi anda.
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 06 Nov 2012, 23:27

wah saya juga lagi progress mengikuti tutorial itu. ini baru bisa konek ke internet setelah setting NAT nya ^_^

saya sedang coba dan belajar secara bertahap, linux memang keren yah hehe
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 07 Nov 2012, 16:34

Saya suah install squid proxy di server ubuntu 10.10 full open sourde, browsing jalan lancar tetapi tidak ter cache oleh squid. membuat iptables sudah untuk forward ke port 3128. permasalahannya dimana yah? tolong bantu para master master :(
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby q_p » 07 Nov 2012, 18:39

Selamat ya, progress-nya bagus.
Pastikan squid sudah jalan dengan perintah :

Code: Select all

ps aux | grep squid
Kalau jalan, muncul yang seperti ini (note= dua baris pertama):

Code: Select all

root      1880  0.0  0.0  23508   788 ?        Ss   Oct12   0:00 /usr/sbin/squid -D -YC
proxy     1883  2.3  0.8 120916 68792 ?        Sl   Oct12 910:01 (squid) -D -YC
proxy    10038  0.0  0.1  17508  9352 ?        S    03:59   0:39 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    10039  0.0  0.0  15440  7200 ?        S    03:59   0:06 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    10040  0.0  0.0  15052  6908 ?        S    03:59   0:02 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    10041  0.0  0.0  15052  6828 ?        S    03:59   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    10042  0.0  0.0  14920  6748 ?        S    03:59   0:01 (squidGuard) -c /usr/local/squidGuard/squidGuard.conf
proxy    10043  0.0  0.0  16980  2096 ?        S    03:59   0:00 /usr/bin/perl /etc/squid/storeurl.pl
proxy    10044  0.0  0.0  16852  2080 ?        S    03:59   0:00 /usr/bin/perl /etc/squid/storeurl.pl
root     22456  0.0  0.0   7640   984 pts/1    S+   18:33   0:00 grep --color=auto squid
root     31707  0.0  0.0   9768   876 pts/2    S+   15:00   0:00 tail -f /var/log/squid/access.log
CMIIW.
Semoga membantu.
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 00:24

saya muncul hanya 3 baris ini, sudah bener apa belum? tapi kok proxy belum bisa cache yah :(

Code: Select all

root      1037  0.0  0.1   4876   732 ?        Ss   00:23   0:00 /usr/sbin/squid -D -YC
proxy     1040  1.0  0.9  15828  4968 ?        Sl   00:23   0:00 (squid) -D -YC
root      1066  0.0  0.1   3456   768 pts/0    S+   00:23   0:00 grep --color=auto squid
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 01:28

proxynya masih tidak jalan, tidak bisa cache sama sekali. mungkin ada salah pengaturan. saya coba install ulang lagi ubuntu servernya agar bersih semua dan setting kembali ^_^
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 09:59

saya sudah install lagi, mengikuti tutorial sama semua. tapi tetap sama tidak jalan :(. padahal saya sudah men direct ke proxy server port 80,880 ke port 3128
User avatar
sipelaut
Posts: 1963
Joined: 03 Jan 2010, 17:25
Location: madura-sampang
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby sipelaut » 08 Nov 2012, 13:20

copas dimari hasil iptablesnya masbro...
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby q_p » 08 Nov 2012, 14:14

HendraWahyu wrote:saya muncul hanya 3 baris ini, sudah bener apa belum? tapi kok proxy belum bisa cache yah :(

Code: Select all

root      1037  0.0  0.1   4876   732 ?        Ss   00:23   0:00 /usr/sbin/squid -D -YC
proxy     1040  1.0  0.9  15828  4968 ?        Sl   00:23   0:00 (squid) -D -YC
root      1066  0.0  0.1   3456   768 pts/0    S+   00:23   0:00 grep --color=auto squid
Proxy sudah jalan. Coba lakukan browsing di client dan pantau dengan perintah

Code: Select all

tail -f /var/log/squid/access.log
atau di bawah ini jika ter-install ccze =
tail -f /var/log/squid/access.log | ccze
atau di bawah ini untuk melihat HIT-nya.
tail -f /var/log/squid/access.log | grep HIT

saya sudah install lagi, mengikuti tutorial sama semua. tapi tetap sama tidak jalan frown. padahal saya sudah men direct ke proxy server port 80,880 ke port 3128
Yang diredirect port 80 saja
sipelaut wrote:copas dimari hasil iptablesnya masbro...
saya tambahkan ya, squid.conf -nya di-copas disini juga.
Semoga membantu.
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 18:27

ini settingan jelasnya

modem jadikan bridge

eth0 = 192.168.1.2
eth1 = 10.10.10.1
pp0

ini IP Tables saya, maaf kalo banyak soalnya masih belajar harusnya hanya 2 saja kan.
saya menggunakan script ini

# iptables -t nat -I PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
# iptables -t nat -I PREROUTING -i eth1 -p udp -m udp --dport 80 -j REDIRECT --to-ports 3128

Code: Select all

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   udp  --  anywhere             anywhere            udp dpt:www redir ports 3128
REDIRECT   udp  --  anywhere             anywhere            udp dpt:www redir ports 3128
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:www redir ports 3128
REDIRECT   udp  --  anywhere             anywhere            udp dpt:www redir ports 3128
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:www redir ports 3128
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:www redir ports 3128

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere


dan ini squid.conf nya

Code: Select all

#==================================$
# Proxy Server Versi 2.7.Stable3
# by th@opikdesign.com
#==================================$
#################################################################
# Port
#################################################################
http_port 3128 transparent
icp_port 3130
prefer_direct off
#################################################################
# Cache & Object
#################################################################
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 1024 MB
minimum_object_size 0 KB
maximum_object_size_in_memory 4 bytes
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
#################################################################
# cache_dir <type> <Directory-Name> <Space in Mbytes> <Level1> <Level2> <options>
cache_dir aufs /home/proxy1 20000 32 256
#cache_dir aufs /home/proxy2 9000 32 128
#cache_dir aufs /home/proxy3 9000 32 128
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes
#################################################################
# Rules: Safe Port
#################################################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
#################################################################
# Refresh Pattern
#################################################################
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js|php|asp|aspx|cgi) 1440 40% 40320
refresh_pattern . 0 20% 4320
#################################################################
# HAVP + Clamav
#################################################################
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default
#################################################################
# HIERARCHY (BYPASS CGI)
#################################################################
#hierarchy_stoplist cgi-bin ? .js .jsp
#acl QUERY urlpath_regex cgi-bin \? .js .jsp
#no_cache deny QUERY
#################################################################
# SNMP
#################################################################
snmp_port 3401
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all
#################################################################
# ALLOWED ACCESS
#################################################################
acl persegi src 10.10.10.0/24 ## Sesuaikan
http_access allow persegi
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow persegi
icp_access allow localhost
icp_access deny all
always_direct deny all
#################################################################
# Cache CGI & Administrative
#################################################################
cache_mgr th@opikdesign.com
cachemgr_passwd 123 all
visible_hostname kemangi.net
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14


Mohon bantuannya yah, saya sudah berkali kali install ulang terus untuk nyetting ulang squid proxy ini dan hasilnya tetep saja nihil :(
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby q_p » 08 Nov 2012, 18:36

@HendraWahyu, Sabar ya mas....tetap semangat.
Kalau anda mengikuti tut-nya bang Opick, kayaknya ada yang kurang nih. Firewall/iptables-nya tidak di pasang ya? Saran saya, ikuti step by step jangan di ambil sepotong2 dan tidak usah buru2.
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 18:58

iah mas @pragola_pati ini squid proxy membuat saya penasaran terus hingga saya terus mengulang ngulang nyetting squid dan install ubuntu servernya :), di tutorial bang opick, ada mengatur DNS dengan bind9 apa itu perlu?
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby q_p » 08 Nov 2012, 19:02

Perlu, untuk latihan gak ada salahnya kan ?
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 19:09

kegunaan DNS bind9 itu untuk apa yah mas? apa kita bisa bikin domain sendiri dan bisa di akses oleh pc yg berada di luar jaringan saya?

mas saya mau tanya

untuk settingan ini

iptables -t nat -I PREROUTING -i (eth1) -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

yang saya beri tanda kurung itu, harusnya ke jaringan lan atau ke internet?


dan 1 lagi mas ada yg belum saya mengerti

untuk "cache_dir aufs /home/proxy1 20000 32 256"

angka 32 dan 256 itu apa yah? karena di setiap tutorial berbeda beda


kalau ke internet, kan saya menggunakan bridge modemnya, berati ke ppp0 yah?
User avatar
HendraWahyu
Posts: 23
Joined: 06 Nov 2012, 07:54
Location: Bogor
Contact:

Re: [ASK] Squid proxy tidak bisa browsing

Postby HendraWahyu » 08 Nov 2012, 19:22

saya cek acces.log

banyak seperti ini

Code: Select all

1352377376.929    573 10.10.10.2 TCP_MISS/200 983 GET http://ads.ookla.com/www/delivery/lg.php? - DIRECT/74.209.160.10 image/gif
1352377377.161    573 10.10.10.2 TCP_MISS/200 908 GET http://ads.ookla.com/www/delivery/lg.php? - DIRECT/74.209.160.10 image/gif
1352377377.218    419 10.10.10.2 TCP_MISS/200 351 GET http://ad.ru.doubleclick.net/dot.gif? - DIRECT/173.194.38.188 image/gif
1352377377.560 899704 10.10.10.2 TCP_MISS/504 1734 GET http://su.ff.avast.com/R/Az4KEMP6YrLZY4FKra3EOt9gNHsSBAAIERIYsAkiACoECAMQACoHCAQQoPzvDCoECAUQATIKCAQQoPzvDBiACg== - DIRECT/77.234.44.55 text/html
1352377388.350    669 10.10.10.2 TCP_MISS/200 222 POST http://ai.ff.avast.com/F/AP8AAAAAAAAAAAAAAAAAAAAA - DIRECT/77.234.40.114 application/octet-stream
1352377389.098    150 10.10.10.2 TCP_MISS/200 630 POST http://ubuntu-indonesia.com/forums/ubbthreads.php - DIRECT/113.197.35.151 text/xml
1352377403.672    145 10.10.10.2 TCP_MISS/200 630 POST http://ubuntu-indonesia.com/forums/ubbthreads.php - DIRECT/113.197.35.151 text/xml
1352377419.247    141 10.10.10.2 TCP_MISS/200 630 POST http://ubuntu-indonesia.com/forums/ubbthreads.php - DIRECT/113.197.35.151 text/xml
1352377433.848    163 10.10.10.2 TCP_MISS/200 630 POST http://ubuntu-indonesia.com/forums/ubbthreads.php - DIRECT/113.197.35.151 text/xml


apa sudah jalan squidnya?

Return to “Ubuntu Server”

Who is online

Users browsing this forum: No registered users and 1 guest